PT-2020-7918 · Samsung · Samsung Mobile Devices
Published
2020-04-10
·
Updated
2020-04-13
·
CVE-2015-9547
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Samsung mobile devices with JBP(4.3) software
Samsung mobile devices with KK(4.4.2) software
Description:
An issue was discovered on Samsung mobile devices where the READ LOGS permission is mishandled. This mishandling discloses sensitive information in a world-readable copy of the log file when specific error messages occur, such as "Unhandled exception in Dalvik VM," "Application not responding ANR event," or "Crash on an application's native code."
Recommendations:
For Samsung mobile devices with JBP(4.3) software: At the moment, there is no information about a newer version that contains a fix for this issue.
For Samsung mobile devices with KK(4.4.2) software: At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samsung Mobile Devices